Allow LXC container auto mounts to be customised

The list of auto mounts is currently hardcoded so there is
no opportunity to adjust the mounts or change the permissions
if necessary.

This patch converts the mounts to a list which can be overridden
as required via host or group vars.

The auto mount configuration is assumed to only be present once
in the LXC config file and any existing statements are replaced.
Change-Id: I62deed28287dae8b289bf882ca0b1a24b207c92d

defaults/main.yml

@@ -39,6 +39,13 @@ lxc_container_default_bind_mounts:
   - host_directory: "/openstack/backup/{{ inventory_hostname }}"
     container_directory: "/var/backup"
 
+# A list of automatic mounts to be passed to the lxc.mount.auto config key
+# See lxc.container.conf(5)
+lxc_container_mount_auto:
+  - "proc:mixed"
+  - "sys:ro"
+  - "cgroup:mixed"
+
 # When using a base container to snapshot from for the overlayfs or LVM
 # copy-on-write backing stored, the base container prefix/name can be set.
 lxc_container_base_name_prefix: ''

tasks/lxc_container_config.yml

@@ -25,12 +25,11 @@
   notify:
     - Lxc container restart
 
-- name: Ensure containers have access RO cgroups
+- name: Ensure containers have required auto mounts
   lineinfile:
     dest: "/var/lib/lxc/{{ inventory_hostname }}/config"
-    line: "lxc.mount.auto = proc:mixed sys:ro cgroup:mixed"
-    regexp: "^lxc.mount.auto = proc:(rw|mixed) sys:ro cgroup:(ro|mixed)$"
-    insertafter: "^lxc.mount.auto"
+    line: "lxc.mount.auto = {{ lxc_container_mount_auto | join(' ') }}"
+    regexp: "^lxc.mount.auto ="
     backup: "true"
   delegate_to: "{{ physical_host }}"